Hacked Accounts

Its 100% TRUE. No one can log into your PoE account from a new location without first activating the verification code sent to your email.

I know this for a fact because the game doesn't let me log in everyday until I put in my verification code when my dynamic IP changes.

The only way to log into a PoE account from a new location is with the verification code sent to your email. If people are still getting hacked, then yes your email is compromised.

No, listen...

If they have your -correct- password, and they try to login, you get sent an email with the verification code.

I got sent one of these codes, which meant -they had my correct PoE password-.

What they did NOT have, was my email password, so they never got in to steal my stuff.

Which means my email account has -not- been compromised. ALL they had was my Path of Exile password, which was a password I have never typed in anywhere except into the Path of Exile client, and into the Path of Exile website to create my account.

So yes, people who had the same password for their email and the game have had both their email and the game compromised, but not "100%" because their email was compromised first. I'm sure many of them had their email compromised because their game account was compromised first.

I am a perfect example of game account being compromised without email being so.

So if your account wasn't hacked then I don't understand your earlier rant.

Your account address is your email address, so whoever tried to log in has your email address.

The security check worked as it should then, and you should change your account email and password asap.

"

bhavv wrote:

So if your account wasn't hacked then I don't understand your earlier rant.

Your account address is your email address, so whoever tried to log in has your email address.

The security check worked as it should then, and you should change your account email and password asap.

Are you mentally impaired? I'm serious, you should probably stop posting.

After reading the posts after mine, I come to the conlclusion that "they":D, probably had my PoE PW but not the one for my Mail Account. Good, that explains why nothing in my chest was missing (orbs etc.), they didnt manage to enter my account in the end...

One question remains: Should I change my PW for PoE now?

I mean it seems like they have my PoE PW, the question is how? They dont have the one for my mail account, but I use Outlook where it is stored and I dont have to enter it, so if they use one of this recording softwares (recordes your typing, dont know the name for it:D), it doesnt matter if I change it, they'll have th new one right a way...

"

Selanmer wrote:

"

Morgawr wrote:

It's nice informing others about such things but this is hardly related to the topic. People aren't getting hacked because of Java vulnerabilities (unless such vulnerability allowed hackers to get into GGG's database, which might be likely)

This time.. not just an idiot.. but a fucking idiot...

Help or shut up. Seriously. We have enough people with frayed nerves in this thread, and all you're doing is unnecessarily stirring shit further.

I'm flat out quitting PoE until the policy on hacked accounts changes. This is the first and only time I have ever heard of a company refusing to help their customers that had their accounts hacked. The ridiculous security of "well, who cares if the account is being logged in from far away from where they are from, we'll lock it AFTER the account is logged in and looted" makes no sense at all. Couple that with GGG's desire to put the game over the customers and there's really no reason to keep playing and give them. Here's a news flash: there is no game without the customers.

As more and more people get compromised people will quit in droves. It will reach the point where not enough people are playing and paying and the game will have to shut down. I sincerely hope there will be a change in policy before then.

Wow.. I should'v been reading this thread. Attempted in-game hack happened to me multiple times today. Changed everything with email and passes.

I haven't been hacked or any such, but something does seem inherently wrong with the logic here. The reason - correct me if I'm wrong - they seem to give for not rolling back trades or for not refunding items is because of the economy, yes?

While I understand this... How is it that they then turn a blind eye to multiboxers, I think they're called? People who use multiple machines or instances of the game to form parties of themselves and buff up their own drop rate like mad... This is similar to idling on TF2 with 20 accounts. It shifts the economy when it's done by many people.

C'mon, GGG. If you guys are going to abandon those in need, at least be consistent with your policies. e-o

My personal opinion on a solution is that they should just buff up their security in a away similar to Steam's account security so such things happen only on very rare occasions and just refund those who need refunding. The economy will balance itself back out with time. But, of course, I'm probably going to be shot for saying that, and shot for saying the above, judging by how this thread is going. Oh well. Shoot away, I suppose.

"

bhavv wrote:

"

Eninya wrote:

This game is the only game I've ever been 'hacked' on, and the new ass-backwards security feature is exactly that. What is the point of locking my account when a foreign login is detected if you only do it after its occurrence? My email isn't even compromised and I hadn't gone to any new sites.

Anyway, I'm washing my hands of this game because I don't want to deal with starting over upon starting over until a date comes in which the hacked rate isn't at such a staggering point. At least then all of the blame could rightfully be dumped on the players.

I did full scans just to be on the safe side, but all of them told me what I already knew: that there was nothing compromised nor anything even remotely questionable on my PC. See you around.

This is completely not how it works.

When my IP switches, I cannot login without entering my activation code first.

In every single case where people are still getting hacked right now, YOUR EMAIL ADDRESS THAT YOU USE FKR THIS GAME HAS BEEN COMPROMISED.

Cry all you want that you think your email is safe, I don't believe that anyone that was hacked bothered to create a new email account and password just for this game, and if you did then you've already been typing it all over the internet or onto gold seller websites and stuff.

Look for an email provider with a seperate authenticator for maximum security.

As stated by strump, GMAIL gives you a complete log of every login and even warns you of such occurrences. My email isn't and was never compromised. The password I use is also unique, just as my PoE password was(if weak, I wouldn't rule out brute-force). Please think before posting and if you're not going to be helpful just keep it to yourself, don't waste space in this thread.